www.ath.co.com Open in urlscan Pro
52.70.186.218  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ath.co.com/	8 KB 3 KB	457ms 117ms	Document text/html	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.ath.co.com/?rid=LUxrGLs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software / Resource Hash dace611ed71fe90a2ab2a380aa0c651d2115887a82c3f03f25f6dad00f9d7ab1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 2781 content-type text/html; charset=utf-8 date Thu, 18 Aug 2022 17:10:59 GMT vary Accept-Encoding x-server gophish
GET H/1.1	200 OK	style1.css ath.co.com/data_cap/assets/css/	1 KB 888 B	299ms 98ms	Stylesheet text/css	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ath.co.com:4443/data_cap/assets/css/style1.css Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 1b87f038bb7466f01e1a52e49560ad8ca54578721db150e6a02718e4f67a717b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Content-Encoding gzip Last-Modified Tue, 16 Aug 2022 18:54:37 GMT Server Apache/2.4.41 (Ubuntu) ETag "467-5e66047aba239-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 552
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	136ms 40ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 16 Aug 2022 09:59:00 GMT content-encoding gzip x-content-type-options nosniff age 198719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Aug 2023 09:59:00 GMT
GET H/1.1	200 OK	main.js Show response ath.co.com/data_cap/assets/js/	3 KB 1 KB	298ms 99ms	Script application/javascript	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ath.co.com:4443/data_cap/assets/js/main.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash f96e39760ed7cd143debbdd86c60b8bedd247f5ced9fbed39fa37d6e460991a5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Content-Encoding gzip Last-Modified Tue, 16 Aug 2022 19:01:41 GMT Server Apache/2.4.41 (Ubuntu) ETag "cd7-5e66060ee41b9-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 885
GET H/1.1	200 OK	aval.png ath.co.com/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/	33 KB 34 KB	139ms 99ms	Image image/png	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ath.co.com:4443/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/aval.png Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 2be84d15f4d59ddea9eb544a662f66d2634c0775cc846fb1d3484bd0afed9f26 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Last-Modified Tue, 16 Aug 2022 18:54:50 GMT Server Apache/2.4.41 (Ubuntu) ETag "858f-5e6604871a24b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 34191
GET H/1.1	200 OK	logologin.png ath.co.com/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/	6 KB 6 KB	202ms 101ms	Image image/png	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ath.co.com:4443/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/logologin.png Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash a1515664066f99af8965ae72d9d504aa287a2549901eb340bb4d249b048e76b3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Last-Modified Tue, 16 Aug 2022 18:54:50 GMT Server Apache/2.4.41 (Ubuntu) ETag "1613-5e660487b75f2" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 5651
GET H/1.1	200 OK	bancos_grupo.png ath.co.com/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/	7 KB 7 KB	239ms 98ms	Image image/png	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ath.co.com:4443/data_cap/Aplicaci%C3%B3n%20de%20Enrutamiento_files/bancos_grupo.png Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash ea62e45514bfa0da42a26060609f936c13917f74417b201b7d95bb7a4da95a17 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Last-Modified Tue, 16 Aug 2022 18:54:50 GMT Server Apache/2.4.41 (Ubuntu) ETag "1b59-5e660487693ee" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 7001
GET H/1.1	200 OK	image.jpg ath.co.com/data_cap/Signin_files/	33 KB 34 KB	298ms 100ms	Image image/jpeg	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ath.co.com:4443/data_cap/Signin_files/image.jpg Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 2be84d15f4d59ddea9eb544a662f66d2634c0775cc846fb1d3484bd0afed9f26 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Last-Modified Tue, 16 Aug 2022 18:54:35 GMT Server Apache/2.4.41 (Ubuntu) ETag "858f-5e660478f9e45" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 34191
GET H/1.1	200 OK	jquery-3.js Show response ath.co.com/data_cap/Signin_files/	87 KB 31 KB	103ms 103ms	Script application/javascript	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ath.co.com:4443/data_cap/Signin_files/jquery-3.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Content-Encoding gzip Last-Modified Tue, 16 Aug 2022 18:54:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "15d84-5e660475ed9c1-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30910
GET H/1.1	200 OK	microsoft_logo.svg ath.co.com/data_cap/assets/img/	4 KB 4 KB	260ms 101ms	Image image/svg+xml	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ath.co.com:4443/data_cap/assets/img/microsoft_logo.svg Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Last-Modified Tue, 16 Aug 2022 18:54:38 GMT Server Apache/2.4.41 (Ubuntu) ETag "e43-5e66047b85443" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3651
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/	87 KB 28 KB	55ms 21ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 17:10:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1285485 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27958 timing-allow-origin * last-modified Mon, 04 May 2020 23:01:39 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb09ed3-15d84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DJPoAU7twB1t78dDEvazK2cOBGQmC3Y%2FDsp6HYv30mJNZ6l4y3y8OScr%2B47b%2B3%2BPw3k0Kg%2BDuWMz%2FUOgD%2FAM9e9UGaYFC5fUT%2FSvv5aDdDhwdeGtWqzEQMmabMkVBcuRYwoo94OHt4Wey0ygiMdKoDh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 73cc441eb98f9a23-FRA expires Tue, 08 Aug 2023 17:10:59 GMT
GET H2	200	bootstrap.bundle.min.js Show response cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/	79 KB 19 KB	32ms 22ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.bundle.min.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 17:10:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 66796 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19084 timing-allow-origin * last-modified Tue, 12 May 2020 17:56:41 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5ebae359-13cbc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B1ardLvEL7zbMe013QVslffgl8sTE62YuNzYL2AZpHHrVasFP1ki0HTFH1IMoH7GRJJkVKDxUSWHu99aevq5m9LX1WF9DLtt7x2d0CO4Tf6K%2B0lODSydPa3taLH43mfrSx3kStsHGtku4QG6EOGtIgt"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 73cc441eb9919a23-FRA expires Tue, 08 Aug 2023 17:10:59 GMT
GET H/1.1	200 OK	script.min.js Show response ath.co.com/data_cap/assets/js/	3 KB 1 KB	101ms 98ms	Script application/javascript	52.70.186.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ath.co.com:4443/data_cap/assets/js/script.min.js Requested by Host: www.ath.co.com URL: https://www.ath.co.com/?rid=LUxrGLs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.70.186.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-186-218.compute-1.amazonaws.com Software Apache/2.4.41 (Ubuntu) / Resource Hash 552cc8661071dd1607b021b650ac0cc2865fd0bf09a414b5d2a455416dbf4cd1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ath.co.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 18 Aug 2022 17:10:59 GMT Content-Encoding gzip Last-Modified Tue, 16 Aug 2022 18:54:36 GMT Server Apache/2.4.41 (Ubuntu) ETag "a40-5e6604799b06c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 833
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	133ms 47ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: ath.co.com URL: https://ath.co.com:4443/data_cap/assets/css/style1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ath.co.com:4443/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 18 Aug 2022 15:19:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 18 Aug 2022 17:10:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 18 Aug 2022 17:10:59 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v34/	16 KB 17 KB	122ms 39ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ath.co.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 18:51:26 GMT x-content-type-options nosniff age 253173 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16740 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 18:51:26 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| nextPage2 function| nextPage3 object| $inputs object| bootstrap function| validateEmail function| validate function| validatePassword object| input1 object| input2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ath.co.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
www.ath.co.com
2606:4700::6811:180e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
52.70.186.218
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
1b87f038bb7466f01e1a52e49560ad8ca54578721db150e6a02718e4f67a717b
2be84d15f4d59ddea9eb544a662f66d2634c0775cc846fb1d3484bd0afed9f26
552cc8661071dd1607b021b650ac0cc2865fd0bf09a414b5d2a455416dbf4cd1
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
a1515664066f99af8965ae72d9d504aa287a2549901eb340bb4d249b048e76b3
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
dace611ed71fe90a2ab2a380aa0c651d2115887a82c3f03f25f6dad00f9d7ab1
ea62e45514bfa0da42a26060609f936c13917f74417b201b7d95bb7a4da95a17
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f96e39760ed7cd143debbdd86c60b8bedd247f5ced9fbed39fa37d6e460991a5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e